Last Thursday, the Office of Personnel Management announced a massive breach in security resulting in the theft of personnel files from two million current federal employees and an additional two million former employees dating back to the 1980s. The response to this hack is yet another example of incompetent leadership from the White House. While the NSA was collecting metadata on every American’s phone logs, the federal government was vulnerable to foreign aggressors harvesting data for themselves.

According to leading experts in the systems security industry, China perpetrated these attacks. Several U.S. officials and analysts say the Chinese are “using a high-tech tactic to achieve an age-old goal of espionage: recruiting spies or gaining more information on an adversary.”

Rich Barger, chief intelligence officer at ThreatConnect, a Northern Virginia computer security firm, notes the Chinese are “definitely going after quite a bit of personnel information.” Barger’s firm suspects the Chinese are “using it to understand more about who to target [for espionage], whether electronically or via human recruitment.”

Another U.S. government official warns, “This is part of their strategic goal — to increase their intelligence collection via big-data theft and big-data aggregation.”

With all of this data, China can learn which individuals have lived in China and which American officials are meeting with the Chinese, therefore refining their targeting. They can also target family members based on an individual’s data.

Of course, the Chinese government scoffs at the allegations that the attack originated in China, and a foreign ministry spokesman has called for “more cooperation.” Actually, what the Obama administration needs is a better defensive strategy to combat cyberwarfare. For starters, it would help if Obama actually acknowledged China’s cyberwarfare, but it doesn’t appear that’s going to happen anytime soon. Better to let the next administration deal with it, along with every other foreign policy crisis he has created through weakness.

The Wall Street Journal notes that “the Obama Administration has responded mainly with diplomacy and some indictments against Chinese hackers whom China’s government won’t even stop, much less arrest and extradite to the U.S. for trial.”

Speaking of diplomacy, two years ago at a summit, Obama attempted to press China’s Supreme Leader Xi Jinping on the issue, but Xi refused to admit that his government was involved in any hacking. It appears yet again that Obama’s rhetoric failed to set all things right. Shocking, we know.

In a press conference last week, Obama spokesman Josh Earnest noted that the administration has been pressing Congress for the last two years to pass legislation that would allow information sharing between private companies and the government. But the administration’s proposal doesn’t have anything to do with protecting government agencies from security breaches. Rather, it proposes costly government regulation and mandates on private companies. Where have we heard that before?

Instead of layers of bureaucracy, Obama should be leading an all-out effort via the Pentagon and U.S. intelligence agencies to prevent these types of hacks. He should develop a sound strategy to engage our adversaries in cyberwarfare. These adversaries need to know that their actions will not go unpunished. But to do so, Obama first has to admit that there’s a problem, and a narcissist like him always has the most trouble with that first step.